In recent years, the growth in wireless technology for local area networking, mobile computing and “hotspot” services has been nothing short of explosive. At the same time, there have been discoveries of egregious security vulnerabilities, privacy concerns and a general recognition that failure diagnosis and recovery must be made affordable and expedient.
Wireless networks essentially eliminate the traditional security barriers offered by wired networks and give attackers direct access to both observe and interject communications with any wireless networks in range. Thus, no matter the degree to which encryption and authentication are employed, the need to monitor for and defend against illicit usage and to rapidly diagnose communication disruptions in wireless network environments is critical.
Though products have been developed to address wireless intrusion detection and fault management concerns, these devices are generally insufficient to meet the security demands of wireless network environments. Tremendous resources are expended in identifying malicious traffic, and many of these efforts are still easily subverted. For example, traditional filtering based on medium access control (MAC) address can be subverted by simply forging a MAC address, making signals and sessions approximately free for anyone in the vicinity to generate.
Thus, there is a need in the art for a method and apparatus for identifying wireless transmitters.